Remote Credential Exposure in Symantec Endpoint Encryption Product
CVE-2015-6556

Currently unrated

Key Information:

Vendor: Symantec
Status: Endpoint Encryption
Vendor: CVE Published:; 18 December 2015

Summary

The Framework Service in Symantec Endpoint Encryption prior to version 11.1.0 contains a vulnerability that allows remote authenticated users to trigger a memory dump. This exploitation provides unauthorized access to sensitive credentials, posing significant risks to system security. It is crucial for users and administrators to update to the latest version to mitigate this vulnerability.

References

http://www.securityfocus.com/bid/78803

vdb-entryx_refsource_BID

http://www.symantec.com/security_response/securityupdates...

x_refsource_CONFIRM

Timeline

Vulnerability published
Dec 18, 2015
Vulnerability Reserved
Aug 21, 2015